FIG. 1 is a block diagram that illustrates a conventional payment system 100.
The system 100 includes a conventional payment card/device 102. As is familiar to those who are skilled in the art, the payment card/device 102 may be a magnetic stripe card, an IC (integrated circuit) card, a fob, a payment-enabled smartphone, etc. The payment card/device 102 is shown being carried and used by an account holder/user 103.
The system 100 further includes a reader component 104 associated with a POS terminal 106. In some known manner (depending on the type of the payment card/device 102) the reader component 104 is capable of reading the payment account number and other information from the payment card/device 102.
The reader component 104 and the POS terminal 106 may be located at the premises of a retail store and operated by a sales associate of the retailer for the purpose of processing retail transactions. The payment card/device 102 is shown in FIG. 1 to be interacting with the reader component 104 and the POS terminal 106 for the purpose of executing such a transaction.
A computer 108 operated by an acquirer (acquiring financial institution) is also shown as part of the system 100 in FIG. 1. The acquirer computer 108 may operate in a conventional manner to receive an authorization request for the transaction from the POS terminal 106. The acquirer computer 108 may route the authorization request via a payment network 110 to the server computer 112 operated by the issuer of a payment account that is associated with the payment card/device 102. As is also well known, the authorization response generated by the payment card issuer server computer 112 may be routed back to the POS terminal 106 via the payment network 110 and the acquirer computer 108.
One well known example of a payment network is referred to as the “Banknet” system, and is operated by MasterCard International Incorporated, which is the assignee hereof.
The payment account issuer server computer 112 may be operated by or on behalf of a financial institution (“FI”) that issues payment accounts to individual users. For example, the payment account issuer server computer 112 may perform such functions as (a) receiving and responding to requests for authorization of payment account transactions to be charged to payment accounts issued by the FI; (b) tracking and storing transactions and maintaining account records; (c) rendering periodic account statements; and (d) receiving and tracking payments to the issuer from the account holders.
The components of the system 100 as depicted in FIG. 1 are only those that are needed for processing a single transaction. A typical payment system may process many purchase transactions (including simultaneous transactions) and may include a considerable number of payment account issuers and their computers, a considerable number of acquirers and their computers, and numerous merchants and their POS terminals and associated reader components. The system may also include a very large number of payment account holders, who carry payment cards or other devices for initiating payment transactions by presenting an associated payment account number to the reader component of a POS terminal.
Still further, and as is well-known, for e-commerce transactions, an e-commerce server computer (not shown) may function as the POS terminal. The e-commerce server computer may be operated by or on behalf of a merchant and may be accessed by the account holder via a browser program running on (for example) a personal computer (not shown) or a smartphone (not shown apart from payment device 102). To arrange for the payment portion of the e-commerce transaction, the account holder may manually enter a payment account number, or authorize a charge from a payment account number held on file by the merchant, or access a digital wallet, etc.
Another type of payment account transaction may take place when a customer contacts a merchant by telephone to purchase one or more items. For example, the customer may have received a catalog in the mail and may have seen one or more items in the catalog that that customer desires to purchase. Typically a toll-free telephone number is indicated in the catalog, and allows the customer to phone in to a call center that takes customer orders. In general, a typical transaction involves the customer speaking with a call center customer service representative (CSR) to communicate the item number or numbers for the catalog items that the customer wishes to purchase. If a catalog had been sent to the customer by the merchant, the customer is identified in the merchant's records and the shipping address as stated in the merchant's records is confirmed with the customer. In addition, it is customary for the customer to read off his/her payment card account number and related information to the call center customer service representative so that the representative can enter the payment account information into the merchant's ordering system, to allow the transaction to be charged to the customer's payment account. However, there are some consumers who have doubts about the security of their payment card information when the above phone ordering procedure is followed. This concern on the part of some consumers may deter them from placing telephone orders and may reduce the effectiveness of catalog-based marketing strategies. Likewise, questions about the security of payment account numbers may deter customers from calling service providers (e.g., utility companies, mobile telephone providers) to provide their payment account numbers to settle pending bills from the service providers.